Security Weekly Podcast Network (Audio‪)‬ Security Weekly Productions

Only one funding announcement this week, so we dive deep into Thoma Bravo's past and present portfolio. They recently announced a sale of Venafi to Cyberark and no one is quite sure how much of a hand they had in the LogRhythm/Exabeam merger, and whether or not they sold their stake in the process.
We also have a crazy stat Ross Haleliuk spotted in Bessemer's analysis: "13 out of 14 cybersecurity companies acquired in the past year for over $100M were from Israel". Is this an anomaly? Does it just mean that Israel wasn't shy about selling when the market was down? We discuss.
A number of new product announcements continue to trickle out post-RSA.
We'll also discuss Sam Altman and OpenAI's decision to use Scarlett Johansson's voice against her will and what it could mean for deepfakes, advanced social engineering techniques, and general big tech sliminess.
Do you know what a "product glorifier" is? How about a glowstacker? You will if you check out the second-to-last story in the show notes!
See the show notes for individual descriptions on each RSAC interview. This week, we feature speakers from Sailpoint, Okta, Ping Identity, LimaCharlie, QwietAI, and Picus!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-363

The Security Weekly crew and special guest Seemant Sehgal explore what PTaaS involves, how it differs from traditional penetration testing, and why it's becoming a crucial service for companies of all sizes to protect their digital assets. We'll discuss the how PTaaS is using the latest technologies (e.g machine learning), the benefits of having a third-party service, and real-world scenarios where PTaaS has successfully thwarted potential security breaches. PTaaS can be a game-changer in enhancing your organization’s security posture!
This segment is sponsored by Breachlock. Visit https://securityweekly.com/breachlock to learn more about them!
An exploit that makes you more secure, pardon the interruption, water heater company in hot water, IoT devices are vulnerable, Squeege and RDP scraping, free laundry for everyone!, Wifi routers and Apple Air tags, North Koreans fill US IT positions, taking out drones, the NVD backlog, IBM is no longer a security company?, and DNSBombs!
Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://securityweekly.com/psw-830

Big Tech, Fighting a Junta, Keylogger in Microsoft , APT Hackers, Free Laundry, Joshua Marpet & more on this edition of the Security Weekly News!
Visit https://www.securityweekly.com/swn for all the latest episodes!
Show Notes: https://securityweekly.com/swn-388

Secure coding education should be more than a list of issues or repeating generic advice. Liran Tal explains his approach to teaching developers through examples that start with exploiting known vulns and end with discussions on possible fixes. Not only does this create a more engaging experience, but it also relies on code that looks familiar to developers rather than contrived or overly simplistic examples.
Segment resources:
https://github.com/lirantal https://cheatsheetseries.owasp.org/cheatsheets/NPMSecurityCheat_Sheet.html https://lirantal.com/blog/poor-express-authentication-patterns-nodejs The challenge of evaluating threat alerts in aggregate – what a collection and sequence of threat signals tell us about an attacker’s sophistication and motives – has bedeviled SOC teams since the dawn of the Iron Age. Vectra AI CTO Oliver Tavakoli will discuss how the design principles of our XDR platform deal with this challenge and how GenAI impacts this perspective.
Segment Resources:
Vectra AI Platform Video: https://vimeo.com/916801622
Blog: https://www.vectra.ai/blog/what-is-xdr-the-promise-of-xdr-capabilities-explained
Blog: https://www.vectra.ai/blog/xdr-explored-the-evolution-and-impact-of-extended-detection-and-response
MXDR Calculator: https://www.vectra.ai/calculators/mxdr-value-calculator
This segment is sponsored by Vectra AI. Visit https://securityweekly.com/vectrarsac to learn more about them!
In this interview, we will discuss the network security challenges of business applications and how they can also be the solution. AlgoSec has spent over two decades tackling tough security issues in some of the world’s most complex networks. Now, they’re applying their expertise to hybrid networks—where customers are combining their on-premise resources along with multiple cloud providers.
Segment Resources: https://www.algosec.com/resources/
This segment is sponsored by AlgoSec. Visit https://securityweekly.com/algosecrsac to learn more about them!
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw-286

This week, it’s time for security money, our quarterly review of the money of security, including public companies, IPOs, funding rounds and acquisitions from the previous quarter. This quarter, Rubrick's IPO saves the index, as Cisco finishes the acquisition of Splunk. The index is now made up of the following 25 pure play cybersecurity public companies:
Secureworks Corp Palo Alto Networks Inc Check Point Software Technologies Ltd. Rubrik Inc Gen Digital Inc Fortinet Inc Akamai Technologies, Inc. F5 Inc Zscaler Inc Onespan Inc Leidos Holdings Inc Qualys Inc Verint Systems Inc. Cyberark Software Ltd Tenable Holdings Inc Darktrace PLC SentinelOne Inc Cloudflare Inc Crowdstrike Holdings Inc NetScout Systems, Inc. Varonis Systems Inc Rapid7 Inc Fastly Inc Radware Ltd A10 Networks Inc
In this segment, Theresa will unpack the complexities of cyber resilience, and dive into new research that examines dynamic computing. She’ll discuss how it merges IT and business operations, taps into data-driven decision-making, and redefines computing for the modern era.
This segment is sponsored by LevelBlue. Visit https://www.Securityweekly.com/levelbluersac to learn more about them!
In this segment, Jim can discuss how organizations can enhance their cybersecurity posture with Blumira’s automated threat monitoring, detection and response solutions. Jim can talk about the exciting plans Blumira has in store for the next 3 years, emphasizing how the company is lowering the barrier to entry in cybersecurity for SMBs.
Segment Resources: https://www.blumira.com/customer-stories/ https://www.blumira.com/why-blumira/
This segment is sponsored by Blumira. Visit https://securityweekly.com/blumirarsac to learn more about them!
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw-351

Microsoft, North Korea, Santander, CISA, Deepfakes, Aaran Leyland & more on this edition of the Security Weekly News.
Visit https://www.securityweekly.com/swn for all the latest episodes!
Show Notes: https://securityweekly.com/swn-387